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AMENDMENTS TO THE CLAIMS 



1 1 . (currently amended) A method for implementing management policies 

2 on a network using topology reduction, the network including at least a first domain 

3 having a plurality of network elements, the method comprising: 

4 determining one or more management components in the network; 

5 determining two or more domains, wherein each (a) is bounded, in the network, by 

6 one or more of the management components and (b) does not contain any management 

7 components: 

8 determining a communication path passing through the first domain of the network 

9 that characterizes the first domain as a node, the communication path being characterized to 

10 pass communications without information loss; and 

1 1 implementing a management policy for the network using the communication path. 

1 2. (original) The method of claim 1, wherein implementing a management policy 

2 includes implementing a firewall configuration on the communication path. 

1 3. (original) The method of claim 1 , wherein determining a communication path 

2 passing through the first domain includes identifying a second domain for a source element 

3 of a conmiunication that uses the communication path, and identifying a third domain for a 

4 destination element for the communication, the second and third domain each including a 

5 plurality of network elements. 

1 4. (original) The method of claim 1 , wherein determining a communication path 

2 passing through the first domain includes: 
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3 identifying a second domain for a source element of a communication that uses the 

4 communication path, the second domain including a plurality of network elements; 

5 identifying a third domain for a destination element for the communication, the third 

6 domain including a plurality of network elements; and 

7 characterizing a portion of the communication path within the second domain as a 

8 distance between the source element and an interface to the second domain, the portion of the 

9 communication path within the second domain being characterized without information loss. 

1 5 . (original) The method of claim 1 , wherein determining a communication path 

2 passing through the first domain includes: 

3 identifying a second domain for a source element of a communication that uses the 

4 communication path, the second domain including a plurality of network elements; 

5 identifying a third domain for a destination element for the communication, the third 

6 domain including a plurality network elements; 

7 characterizing a portion of the communication path within the second domain as a 



8 distance between the source element and an interface to the second domain, the portion of the 

9 communication path within the second domain being characterized without information loss; 

10 and 

1 1 characterizing a portion of the communication path within the third domain as a 

12 distance between the destination element and an interface to the third domain, the portion of 

13 the communication path within the third domain being characterized without information 

14 loss. 
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1 6. (original) The method of claim 1, wherein determining a communication path 

2 passing through the first domain includes identifying a second domain containing a source 

3 element and a destination element, a communication from the source element being signaled 

4 from the second domain to the first domain before being signaled to the destination element 

5 in the second domain. 

1 7. (original) The method of claim 1 , wherein determining a communication path 

2 passing through the first domain includes: 

3 identifying a second domain for a source element of a conmiunication that uses the 

4 communication path, the second domain including a plurality of network elements; 

5 identifying a third domain for a destination element for the communication, the third 

6 domain including a plurality of network elements; 

7 characterizing a portion of the communication path within the second domain as a 



8 distance between the source element and an interface to the second domain, the portion of the 

9 communication path within the second domain being characterized without information loss; 
10 and 



1 1 characterizing a portion of the communication path within the third domain as a 

12 distance between the destination element and an interface to the third domain, the portion of 

13 the communication path within the third domain being characterized without information 

14 loss; and 

1 5 characterizing a portion of the communication path passing through the first domain 

16 as a distance between the second domain and the third domain. 
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1 8. (original) A method for implementing management policies on a network 

2 using a policy server, the method comprising: 

3 identifying a plurality of domains in the network, the plurality of domains each 

4 including a plurality of network elements; 

5 identifying a first domain in the plurality of domains having a cloudification 

6 characteristic, the first domain having at least a first management component and a 

7 corresponding interface that forms an edge to the first domain; and 

8 characterizing at least a first communication path for communications having an end 

9 element within the first domain as being a distance between the corresponding interface to 

10 the first domain and the end element, the first communication path passing communications 

1 1 without information loss. 

1 9. (original) The method of claim 8, fiirther comprising implementing a 

2 management policy using the first communication path. 

1 10. (original) The method of claim 8, fiirther comprising storing the first 

2 communication path as a data structure defining the distance between the corresponding 

3 interface to the first domain and the end element. 

1 11. (original) The method of claim 8, wherein identifying a plurality of domains 

2 in the network includes identifying a plurality of management components, each 

3 management component having a corresponding interface and forming an edge for at least 

4 one domain. 
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1 12. (original) The method of claim 8, wherein identifying a pluraUty of domains 

2 in the network includes identifying a pluraUty of network elements that are interconnected 

3 between one or more interfaces of management components. 

1 13. (original) The method of claim 8, wherein identifying a plurality of domains 

2 in the network includes identifying a plurality of firewall components, each firewall 

3 component having a corresponding interface and forming an edge for at least one domain. 

1 14. (original) The method of claim 8, wherein identifying a first domain in the 

2 plurality of domains having a cloudification characteristic includes determining that the first 

3 management component has only one interface to the first domain. 

1 15. (original) The method of claim 8, wherein identifying a first domain in the 

2 plurality of domains having a cloudification characteristic includes determining that each 

3 management component for the first domain has multiple interfaces to the first domain, 

4 wherein each of the multiple interfaces are configured to forward communications received 

5 from a network element within the first domain to another element or interface that is 

6 exterior to the first domain. 

1 16. (original) The method of claim 10, wherein identifying a first domain in the 

2 plurality of domains having a cloudification characteristic includes determining that the first 

3 domain has only one or two corresponding interfaces that form edges for that domain. 
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1 17. (currently amended) A method for implementing management policies on a 

2 network using a policy server, the method comprising: 

3 identifying a plurality of domains in the network, each of the plurality of domains 

4 having at least one network element; 

5 identifying a plurality of cloudified domains from the plurality of domains, each 

6 cloudified domain being bounded by a management component and at least one interface for 

7 the management component; 

8 identifying a source element and a destination element for a communication; and 

9 defining a plurality of communication paths passing within a first cloudified domain 

10 in the plurality of cloudified domains, each of the plurality of communication paths 

1 1 characterizing the first cloudified domain as a distance between an interface to the first 

12 domain and an end point element, the end point element characterizing at least one of the 

13 source element and 'the destination element, each of the plurality of communication paths 

14 passing communications within the first cloudified domain without information loss.-and 

1 18. (original) The method of claim 17, further comprising implementing a 

2 management pohcy using one of the communication paths. 

1 19. (original) The method of claim 17, further comprising selecting a 

2 communication path from the plurality of communication paths, and implementing a 

3 management policy using the selected communication path 
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1 20. (original) The method of claim 1 7, wherein defining the plurality of 

2 communication paths includes characterizing one or more of the communication paths as a 

3 data structure that defines a distance between a network element of that domain and an 

4 interface to the management component of that domain. 

1 21 . (original) The method of claim 1 7, wherein defining the plurality of 

2 communication paths includes: 

3 characterizing one or more of the communication paths as a first data structure that 

4 defines a distance between each network element of that domain and an interface to the 

5 management component of that domain; and 

6 characterizing the one or more communication paths as a second data structure that 

7 defines a distance between two or more interfaces that bound that domain. 

1 22. (original) The method of claim 17, wherein identifying at least a first path in 

2 the plurality of communication paths includes characterizing the communication passing 

3 through a second cloudified domain in the plurality of domains as a node. 

1 23. (original) The method of claim 16, wherein identifying at least a first path in 

2 the plurality of communication paths includes: 

3 characterizing the communication passing through a second cloudified domain in the 

4 plurality of domains as a node; and 

5 characterizing the communication passing through a third cloudified domain in the 

6 plurality of domains as a second distance between an interface to the third cloudified domain 

7 and an end point element within the third cloudified domain. 
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1 24. (original) A method for implementing management policies using a policy 

2 server that is communicatively coupled to one or more managed devices in a network, the 

3 method comprising: 

4 identifying a plurality of domains in the network, each of the plurality of domains 

5 having at least one network element; 

6 identifying a plurality of cloudified domains from the plurality of domains, each 

7 cloudified domain being bounded by one or more management components and at least one 

8 interface for each of the one or more management components; 

9 determining a first data structure for each of the plurality of cloudified domains, the 

10 first data structure including a data element that specifies a distance between each network 

1 1 element in that cloudified domain and the at least one interface for the one or more 

12 management component that boimd that cloudified domain; 

13 determining a second data structure for each of the cloudified domains, the second 

14 data structure including a data element that specifies a distance between each of the 

15 interfaces of the one or more management components that bound the cloudified domain; and 

16 storing the first data structure and the second data structure. 

1 25. (original) The method of claim 24, fixrther comprising accessing the first data 

2 structure and the second data structure to determine a first path for passing communications 

3 without information loss within at least one of the cloudified domains. 
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1 26. (original) The method of claim 24, further comprising determining a plurality 

2 of paths for passing communications without information loss within the at least one of the 

3 cloudifed domains using the first data structure and the second data structure, and selecting a 

4 first path from the plurality of paths. 

1 27. (original) The method of claim 24, further comprising accessing the first data 

2 structure and the second data structure to determine a plurality of paths for passing 

3 communications without information loss within the at least one of the cloudifed domains, 

4 and selecting a first path fi^om the plurality of paths having a smallest distance for passing the 

5 communications. 

1 28. (original) A computer readable medium for implementing a management 

2 policy on a network, the computer readable medium carrying instructions for performing the 

3 steps of: 

4 identifying a plurality of domains in the network, each of the plurality of domains 

5 having at least one network element; 

6 identifying a plurality of cloudified domains from the plurality of domains, each 

7 cloudified domain being bounded by one or more management components and at least one 

8 interface for each of the one or more management components; 

9 determining a first data structure for each of the plurality of cloudified domains, the 

10 first data structure including a data element that specifies a distance between each network 

1 1 element in that cloudified domain and the at least one interface for the one or more 

12 management component that bound that cloudified domain; 
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13 determining a second data structiire for each of the cloudified domains, the second 

14 data structure including a data element that specifies a distance between each of the 

15 interfaces of the one or more management components that bound the cloudified domain; and 

16 storing the first data structure and the second data structure. 

1 29. (original) The computer readable medium of claim 28, further comprising 

2 instructions for accessing the first data structure and the second data structure to determine a 

3 first path for passing communications without information loss within at least one of the 

4 cloudified domains. 

1 30. (original) The computer readable medium of claim 28, fiirther comprising 

2 instructions for determining a plurality of paths for passing communications without 

3 information loss within the at least one of the cloudifed domains using the first data structure 

4 and the second data structure, and selecting a first path fi"om the plurality of paths. 

1 31. (original) The computer readable medium of claim 28, fiirther comprising 

2 instructions for accessing the first data structure and the second data structure to determine a 

3 plurality of paths for passing communications without information loss within the at least one 

4 of the cloudifed domains, and selecting a first path from the plurality of paths having a 

5 smallest distance for passing the communications. 

1 32. (currently amended) A computer system to implement management policies 

2 on a network using topology reduction, the network including at least a first domain having a 

3 plurality of network elements, the computer system comprising: ' 

4 means for determining one or more management components in the network: 

11 



Attorney Docket No. 50325-0554 



5 means for determining two or more domains, wherein each (a) is bounded, in the 

6 network, by one or more of the management components and (b) does not contain any 

7 management components: 

8 means for determining a communication path passing through the first domain of the 

9 network that characterizes the first domain as a node, the communication path being 

10 characterized to pass communications without information loss; and 

1 1 means for implementing a management policy for the network using the 

12 communication path. 

1 33. (original) A policy seryer communicatively coupled to one or more managed 

2 devices in a network to implement a management policy using topology reduction, the policy 

3 server comprising: '[ 

4 a processor configured to: 

5 identify a plurality of domains in the network, the plurality of domains each 

6 including a plurality of network elements; 

7 identify a first domain in the plurality of domains having a cloudification 

8 characteristic, the first domain having at least a first management component and a 

9 corresponding interface that forms an edge to the first domain; and 

10 characterize at least a first communication path for communications having an 

1 1 end element within the first domain as being a distance between the corresponding 

12 interface to the first domain and the end element, the first communication path 

1 3 passing communications without information loss. 
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